Subject: root, toor, csh, sh... (LONG)
To: None <netbsd-advocacy@netbsd.org>
From: Marc Baudoin <babafou@babafou.eu.org>
List: netbsd-advocacy
Date: 03/16/1999 21:55:46
  by redmail.netbsd.org with SMTP; 16 Mar 1999 20:55:47 -0000
	by agm-ita.agm-ita.ensta.fr (8.9.3/8.9.3) with ESMTP id VAA17442
	for <netbsd-advocacy@netbsd.org>; Tue, 16 Mar 1999 21:55:44 +0100 (CET)
	by skiff.babafou.eu.org (8.9.3/8.9.3) id VAA00326
	for netbsd-advocacy@netbsd.org; Tue, 16 Mar 1999 21:55:47 +0100 (CET)
Date: Tue, 16 Mar 1999 21:55:46 +0100
From: Marc Baudoin <babafou@babafou.eu.org>
To: netbsd-advocacy@netbsd.org
Subject: root, toor, csh, sh... (LONG)
Message-ID: <19990316215545.A267@skiff.babafou.eu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii

As I'm one of the guys who launched this whole thing, I'd like to
focus the discussion back to technical matters, as has always
been NetBSD's primary concern.

I love NetBSD because it runs on so many architectures.  This
feature is not an accident, it's a direct result of the clean
design of the kernel.  But we should also care about the
cleanliness of the userland.

I'd really like NetBSD to spread and have a wider impact than it
already has.  Much work has been done and much work still needs
to be done.

I think our main concern in this discussion should be new users,
should they be novice, advanced or in between.

The fact that the standard NetBSD installation ships a second
root account (the famous toor) that triggers a warning in
/etc/security and phony accounts that doesn't seem necessary
(operator) or even are not necessary (news, ingres and falken) is
wrong, or so I think.

toor is wrong because it gives a sentiment of poor security in
NetBSD (even if it's disabled, it's still a second root account
and most people have to remove it to shut /etc/security down).
If some people want to have other root accounts, they should
*add* them deliberately, not the other way around.

news, ingres and falken (and maybe operator) are wrong because
they don't own any file in a full installation.  Some may say we
should just leave falken because it's a tradition and it has
always been like that.  Tradition and the technical ideal of
NetBSD don't mix well...

My idea is to ship NetBSD with /etc/passwd and /etc/group files
as simple as possible, with only the minimal set of needed users
and groups.  Let people add users and groups if they need them,
but not remove.  I think new users will have a bad feeling about
a system that ships funny accounts, even if they're disabled, so
we should get rid of them (the accounts, not the new users :-)

As of root's shell, I've less definitive ideas about it.  Once
more, invoking tradition or BSDisms is not the solution and the
petty bickering about BSD vs System V is pointless as both of
them are dead (I'm really don't like many things in System Vish
UNIXes but that's not the point here).  Please, let's look ahead.

Personally, one of the first things I do when installing a brand
new system (NetBSD or another UNIX) is compile my favorite shell
(statically linked) and put it in /bin (or /sbin on some other
UNIXes).  I then change the root shell to use it.

Anyway, one thing I won't like in NetBSD is tampering with sh to
add line editing capabilities or some other goodies.  On many
Linux systems, where /bin/sh is in fact a bash, I've had a lot of
problems because bash don't behave exactly like a plain Bourne
shell.  Please don't do the same mistake.

Is making root's shell more user friendly good?  I won't say no
because that's what I do (makes work a lot easier, that's
obvious).  Now, which one to choose? sh, csh, ksh, bash, tcsh,
zsh?  Frankly, it's not an easy choice to make.  Both csh and sh
are dead, dead, dead, I think. Then, among the so called user
friendly shells, I think we should only consider bash, tcsh and
zsh (I've always had bad times with ksh). Zsh would be a good
choice because it's compatible with most of C shell and Bourne
shell syntaxes, you get the best of both worlds.  Bash would be a
bad choice because I've noticed a lot of problems with it.

But the root's shell debate is far less important than the extra
accounts problems, IMHO.

To sum things up:
- Should be keep or remove the extra accounts I've mentioned and
  why?
- Should we change root's shell, why and for which one?

No flamewar, please, keep technical.

-- 
Marc Baudoin   -=-   <babafou@babafou.eu.org>